Security researchers have uncovered another Spectre-style vulnerability in Intel chips that can pry secrets out from protected enclaves onboard the CPU.
The new vulnerability affects Intel’s SGX technology, which is designed to let applications running on a computer place your most sensitive data inside a virtual fortress. Data inside each enclave is supposed to be protected from alteration or access from outside programs such as malware, making it an ideal place to store information such as credit card records or your social security number.
However, security researchers have discovered that Intel’s SGX technology — found in the company’s Skylake and Kaby Lake processors — isn’t quite as impenetrable as previously thought. It can be broken down with a process called “speculative execution,” a performance-boosting feature found in most modern computer chips that can also be rigged to leak sensitive data out from your PC.
Intel’s SGX technology is actually supposed to prevent speculative execution-style attacks. However, the security researchers discovered a way to bypass the safeguards and create a “shadow copy” of any SGX enclave at an unprotected location of the computer’s CPU. Data inside the enclave can then be read, rendering the protections useless.
The security researchers have named the vulnerability Foreshadow, but their findings build upon previous research over the security dangers of speculative execution. In January, the tech industry publicized two separate flaws, named Spectre and Meltdown, that also exploit the same performance-boosting feature in modern computer chips to steal data from protected processes.
Why is speculative execution such a risk? The performance-boosting feature works by pre-loading computing instructions, which can cut down on load times. However, researchers realized you could also exploit this same process to pre-fetch sensitive data out from other programs. In the wrong hands, speculative execution could give hackers a new way to steal confidential data, such as passwords, from your computer via a piece of malware or even through the browser.
The good news is that exploiting speculative execution isn’t easy. So far, the tech industry hasn’t reported any attacks leveraging Spectre, Meltdown or the recently discovered Foreshadow vulnerabilities. It’s far more likely that cybercriminals will stick with tried-and-true hacking methods, such as email phishing and password cracking, before attempting to weaponize the vulnerabilities.
Nevertheless, the newly-publicized Foreshadow flaw is still concerning. The researchers who’ve uncovered the vulnerability say it can also be leveraged to attack data centers by breaking the security boundaries between one client’s virtual machine and another. For instance, a hacker could use a variant of Foreshadow to log into a cloud service and potentially read memory from another user hosted on the same server. This particular Foreshadow variant goes beyond Intel chips with SGX technology, and affects all Core processors built over the last seven years.
How do you protect yourself? Intel is rolling out new patches on Tuesday that’ll work with previous updates for the Meltdown and Spectre to ward off the potential threat. Microsoft has also released patches to lessen the danger.
“Once systems are updated, we expect the risk to consumer and enterprise users running non-virtualized operating systems will be low,” Intel said in a statement. “This includes most of the data center installed base and the vast majority of PC clients. In these cases, we haven’t seen any meaningful performance impact from the above mitigations based on the benchmarks we’ve run on our test systems.”